I Found a Bug That Could Hack ANY Microsoft 365 Tenant - Here's What Happened
Merill Fernando
Video Description
In this episode, I chat with Dirk-jan Mollema, the legendary researcher behind some of the most important discoveries in Microsoft identity security. We go deep into how curiosity led him from tinkering with web tools to uncovering one of the biggest Entra ID vulnerabilities ever found. He shares the story behind the CVE that rocked the cloud world, the stress of realizing what he’d uncovered, and the mindset that drives his relentless research. If you’ve ever wondered what it feels like to find a bug that could break the internet—this one’s for you.

About Dirk-jan Mollema
Dirk-Jan Mollema is a security researcher and consultant specializing in Microsoft Entra ID (Azure AD) and Active Directory security. He is the creator of popular offensive security tools including ROADtools and ROADrecon. With seven years of Entra research and nearly a decade in AD security, Dirk-Jan has discovered numerous critical vulnerabilities and has been instrumental in improving Microsoft’s cloud security posture. He provides training and consulting services through his company Outsider Security.
Twitter → https://twitter.com/_dirkjan
LinkedIn → https://www.linkedin.com/in/dirkjanm
Contact → https://outsidersecurity.nl

🔗 Related Links
ROADtools - https://github.com/dirkjanm/ROADtools
Dirk-Jan’s Blog - https://dirkjanm.io
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens - https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens

📗 Chapters
00:00 Intro
02:11 Guest Journey into Security
07:13 Building Roadtools & Recon
09:53 Research Tools & Methods
14:05 Top Discoveries Ranked
17:01 Windows Hello & PRT Deep Dive
26:07 The Cross-Tenant Actor Token Bug
35:34 Ethical Dilemmas of Big Finds
38:24 Disclosure, Impact & Community
45:59 Future Research & Intune Tips
53:58 Training, Consulting & Closing

Podcast Apps
🎙️ Entra.Chat - https://entra.chat
🎧 Apple Podcast → https://entra.chat/apple
📺 YouTube → https://entra.chat/youtube
📺 Spotify → https://entra.chat/spotify
🎧 Overcast → https://entra.chat/overcast
🎧 Pocketcast → https://entra.chat/pocketcast
🎧 Others → https://entra.chat/rss

Merill’s socials
📺 YouTube → youtube.com/@merillx
👔 LinkedIn → linkedin.com/in/merill
🐤 Twitter → twitter.com/merill
🕺 TikTok → tiktok.com/@merillf
🦋 Bluesky → bsky.app/profile/merill.net
🐘 Mastodon → infosec.exchange/@merill
🧵 Threads → threads.net/@merillf
🤖 GitHub → github.com/merill